What do the following companies have in common: Sony Pictures, Anthem, Blue Cross, Target, Lloyds Bank and Facebook? They are all victims of massive cyber attacks that resulted in data loss, financial consequences and loss of consumer confidence and reputation. They are also companies that had professional, well-planned and executed cybersecurity systems in place at the time of the attacks. What went wrong?
Each case is obviously unique, but what we see so often in situations like these is an over-reliance on a traditional multi-layered detection-based approach to security. Detect and respond only works in threat scenarios that are becoming less common and less relevant in today’s reality.
The traditional layered, detect-and-respond approach is based on several assumptions, including that the attack will be recognizable (i.e., signature-based) and that the attacker will behave in ways that make it possible to see the attack and stop it before it does much damage. This is no longer the case in the majority of cyber attacks and is never what goes on in targeted attacks.
Sophisticated malware techniques devised by modern cyber-minds can easily evade multi-tiered, traditional security defenses. Malware now enters the network undetected. Then, in stealth mode, sophisticated malware can replicate itself across the infrastructure and wreak havoc. This new type of malware easily evades the detection-based radar by assuming different forms and deploying innovative techniques – eventually leading to a breach and security compromise.
New breed of sophisticated malware and limitations of the reactive approach
The converged systems of the digital landscape have obscured the traditional IT perimeter, resulting in an increased attack surface. This means far more entry points for adversaries to gain access to enterprise data and systems. The modern breed of attackers is continuously outpacing defense initiatives with new types and patterns of malware. Disparate systems, a siloed approach and a lack of interoperability across the various stacks of security solutions further reduce the efficacy of the detection-based model.
Today's security strategy needs a rethink! Given the malware menace and the cyber skill shortage at hand, enterprises cannot possibly keep reactively detecting threats anymore. There is a need to establish a proactive security-first approach.
Move beyond detection. Start isolation.
Malware isolation offers a workable, more robust alternative. The process prevents unchecked active code from ever getting inside the enterprise network. Isolation-based security addresses web browsing, which is one of the most important necessities of employee productivity yet remains the most common and severe vulnerability in corporations. When we browse the Web, we allow our network endpoints to bring in large sets of unchecked active code. This remains a tremendous risk. With Remote Browser Isolation, there is a better way.
Remote browser isolation, also called web-malware isolation, isolates the web browser from the endpoint, thus ensuring secure web browsing without any material change to the end user's browsing experience.